High severity7.2NVD Advisory· Published Jan 3, 2022· Updated Jun 17, 2026
CVE-2021-24786
CVE-2021-24786
Description
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Download Monitordescription
- Range: <4.4.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/a6571f16-66d2-449e-af83-1c6ddd56edfanvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.